OAuth callback (browser)

GET 
/api/auth/oauth/:provider/callback

Handled by the identity provider’s redirect. Do not call from your backend. On success, redirects to your redirect_url with code and provider query params (and optional state). On failure may redirect with error or return JSON/text errors.

Request

Responses

302

Redirect to developer app with exchange code or error.

400

Validation or state error (body format varies).